Skip to main content
Active

Outlook: Critical vulnerability

Microsoft hat eine kritische Zero-Click-Sicherheitslücke in Outlook geschlossen (CVE-2026-40361). Die Schwachstelle ermöglicht potenziell die Ausführung von Schadcode allein durch das Anzeigen oder Vorschauen einer E-Mail – ohne dass Nutzer auf Links oder Anhänge klicken müssen.

Severity:
High

Microsoft has closed a critical zero-click vulnerability in Outlook (CVE-2026-40361). The vulnerability potentially allows malicious code to be executed simply by viewing or previewing an email - without users having to click on links or attachments.

The vulnerability has been classified by Microsoft as "Exploitation More Likely". Security experts therefore recommend installing the security updates provided as soon as possible.

 

Recommended measures:

  • Install Outlook and Office updates immediately

Recommended action:

  1. Activate the option Receive updates for other Microsoft products when you update Windows so that you can receive Office updates.
    https://support.microsoft.com/de-de/office/aktualisieren-von-office-mit-microsoft-update-f59d3f9d-bd5d-4d3b-a08e-1dd659cf5282

     

  2. Update your PC via Windows Updates. These are usually reported and carried out by the system itself or can be initiated in the following way:

https://support.microsoft.com/de-de/windows/windows-aktualisieren-3c5ae7fc-9fb6-9af1-1984-b5e0412c556a#:~:text=Select Start , go to Settings,device to apply the updates.

If you have any questions or need help, the ZIMT IT Support Desk is available as usual:

https://www.uni-siegen.de/service/zimt-it-supportdesk

Everything at a glance
Type
Notice
Start date
15.05.2026 11:31 o'clock
End date
Open (Active)
Severity
High